CTFs

Cheat Sheets

Wireshark Cheat Sheet

Resources

Articles

• Capture The Flag (CTF) Resources For Beginners - Abdul Issa

• CTF Design Guidelines

• CTF Field Guide

• CTF Resources

• CTF Wiki

• Escaping the PyJail - Ludovic Barman

• HackTricks - Carlos Polop

• Infosec Tools

• Offensive Security Cheatsheet

• Online IT/Security Training

• Online Tools to crack CTF Contests

• picoCTF Primer

• pwny.cc

• The Many Maxims of Maximally Effective CTFs

GitHub repositories

• https://github.com/alphaSeclab/awesome-reverse-engineering

• apsdehal/awesome-ctf

• CTFs

• devploit/ctf-awesome-resources

• Hacking Lab

• how2heap

• RsaCtfTool - retreive private key from weak public key and/or uncipher data

• rsatool - rsatool can be used to calculate RSA and RSA-CRT parameters

• RSHack for CTF - Tool for RSA CTF's challenges

• Security Cheat Sheet

  • CMD

  • Metasploit

  • Reverse Shell

  • Wireshark

• zardus/ctf-tools

Offline Tools

• ImHex

Enumeration

• AutoRecon

• FinalRecon

• nmapAutomator

• Raccoon

• Reconbot

• RustScan

• Threader3000

Forensics

• Aircrack-ng - assess WiFi security

• bettercap - perform reconnaissance and attack WiFi networks, Bluetooth devices and IPv4/IPv6 networks

• capa - identify capabilities in executable files

• Detect It Easy - determines types of files

• The Sleuth Kit - analyse disk images and recover files

• volatility - memory forensics

Networking

• masscan

• Nmap

  • Cheat sheet

• Wireshark

• Zmap

Password Cracking

• BruteX

• hashcat

  • CrackerJack - Web GUI

  • GovCracker

  • hashcat.launcher - cross-platform app that runs and controls hashcat

  • hate_crack

• John the Ripper

  • Johnny - GUI frontend

• Ophcrack - Windows password cracker

Reconnaissance

• Bluto

• theHarvester

Reverse Engineering

• BARF - Binary Analysis and Reverse engineering Framework

• Boomerang - x86 to C decompiler

• FLARE Obfuscated String Solver - extract and deobfuscate all strings from malware binaries

• GDB - GNU Debugger

  • GEF - GDB Enhanced Features

  • pwndbg

• Ghidra - National Security Agency

• IDA Pro

• PLASMA - x86/ARM/MIPS disassembler

Online Tools

• FastPeopleSearch

• HexEd.it

Cryptography

• CrackStation - Online Password Hash Cracking

  • Password Cracking Dictionary (15 GB)

• CrypTool-Online

• dCode.xyz

• factordb

• Hash Decrypter

• Hash Type Identifier

• hashes.link

• MD5Hashing.net - Hash, hashing and encryption toolkit

• quipquip

• Substitution cipher decoder

• Vigenère Solver

Encoders / Decoders

• CyberChef

• Dencode

• JSfuck Decoder

Forensics

• InQuest Labs

• PacketTotal - A free, online PCAP analysis engine

• pcapfix - online pcap / pcapng repair service

• Simple Email Reputation

• VirusTotal - Analyse suspicious files, domains, IPs and URLs to detect malware and other breaches

Reverse Engineering

• androguard - Android apps

• apk2gold - Android apps

• Apktool - Android apps

• Java decompiler online

• Online Assembler and Disassembler

• OnlineGDB

• Resource Hacker - resource compiler/decompiler for Windows applications

• ROPgadget

Steganography

• Aperi'Solve

• StegCracker

• stegextract

• Steghide

• Stegsolve

• zsteg

Web Exploitation

• Burp Suite - web application security testing

• Commix - command injection exploitation tool

• dirsearch

• fimap - local/remote file injection audit tool

• gobuster - directory/file, DNS and VHost enumeration

• goWAPT

• Nikto - web server scanner

• Raccoon - vulnerability scanner

• Reverse Shell Generator

• sqlmap - automatic SQL injection tool

• SSL Server Test

• w3af - web application attack framework

• wfuzz

• XSSer - cross site scripter

Websites

• 316ctf - Anderson University

• CTFlearn

• CTFtime.org

• CTF Sites

• Exploit Education

• exploit-exercises.com

• Google CTF

• ImaginaryCTF - Daily CTF Challenges for Everyone

  • Archived Challenges

• kCTF - Kubernetes-based infrastructure for CTF competitions

• KITCTF

• MetaCTF

• picoCTF